Search Results

Search found 10480 results on 420 pages for 'session cookies'.

Page 23/420 | < Previous Page | 19 20 21 22 23 24 25 26 27 28 29 30  | Next Page >

  • how to handle a array of objects in a session

    - by Robert
    Hello, In the project I'm working on I have got a list List<Item> with objects that Is saved in a session. Session.Add("SessionName", List); In the Controller I build a viewModel with the data from this session var arrayList = (List<Item>)Session["SessionName"]; var arrayListItems= new List<CartItem>(); foreach (var item in arrayList) { var listItem = new Item { Amount = item.Amount, Variant= item.variant, Id = item.Id }; arrayListItems.Add(listItem); } var viewModel = new DetailViewModel { itemList = arrayListItems } and in my View I loop trough the list of Items and make a form for all of them to be able to remove the item. <table> <%foreach (var Item in Model.itemList) { %> <% using (Html.BeginForm()) { %> <tr> <td><%=Html.Hidden(Settings.Prefix + ".VariantId", Item .Variant.Id)%> <td> <%=Html.TextBox(Settings.Prefix + ".Amount", Item.Amount)%></td> <td> <%=Html.Encode(Item.Amount)%> </td> <td> <input type="submit" value="Remove" /> </td> </tr> <% } %> <% } %> </table> When the post from the submit button is handeld the item is removed from the array and post back exactly the same viewModel (with 1 item less in the itemList). return View("view.ascx", viewModel); When the post is handled and the view has reloaded the value's of the html.Hidden and Html.Textbox are the value's of the removed item. The value of the html.Encode is the correct value. When i reload the page the correct values are in the fields. Both times i build the viewModel the exact same way. I cant find the cause or solution of this error. I would be very happy with any help to solve this problem Thanx in advance for any tips or help

    Read the article

  • session management: problem displaying username in the header

    - by aeonsleo
    hi, I am working on a simple login and logout module for my website without any security. I am using wamp on a windows xp machine. I am creating session when a user submits the login informaton it redirects to a process.php file which creates the session variables and starts session. Now if the login is successful user is redirected to the welcome page which includes a header file(which displays the header involving signin logout help options) The problem is the header is not changing the signin link to logout as the user logs successfully. The below code is from process.php which initiates a login. $username = $_POST['username']; $password = $_POST['password']; //echo "{$username}:{$password}"; $connection = mysql_connect("localhost","root",""); if(!$connection) { die("Database Connection Failed".mysql_error()); } $db_select = mysql_select_db("tester",$connection); if(!$db_select) { die("Database Selection Failed".mysql_error()); } $result = mysql_query("SELECT * FROM user",$connection); if(!$result) { die("Database Selection Failed".mysql_error()); } $q = "SELECT * FROM user " ."WHERE Name='".$username."' AND Password='".$password. "' "; // Run query $r = mysql_query($q); if ( $obj = @mysql_fetch_object($r) ) { session_start(); // Login good, create session variables $_SESSION["valid_id"] = session_id(); $_SESSION["valid_user"] = $_POST["username"]; $_SESSION["valid_time"] = time(); Header('Location: welcome.php'); The following code is from header.php which is included in welcome.php </div> <div id = "userdetail"> <?php if(isset($_SESSION["valid_user"])) { echo($_SESSION["valid_user"]." " ); echo("<a href=logout.php>Logout</a>"); } else { echo("<a href = login.php>Sign In</a>"); } ?> | Help | Search <input type = "text" name = "searchbox" value = "" /> </div> </div>

    Read the article

  • How to get dynamically session object in struts2

    - by Sujeet Singh
    I am trying to get dynamically session object in struts2 application. <s:if test="%{#session['resToken'].bookingType == 1}"> resToken can be get by <s:property value="%{resToken}">.. But I can't write <s:property> within <s:if test=""> its giving me error of double quotes.. org.apache.jasper.JasperException: /WEB-INF/jsp/booking/banquet/guest-Info-View.jsp(150,40) Unterminated &lt;s:if tag

    Read the article

  • Saving objects in servlet session and java.io.NotSerializableException

    - by EugeneP
    SEVERE: IOException while loading persisted sessions: java.io.WriteAbortedException: writi ng aborted; java.io.NotSerializableException: That means this object cannot be persisted on hard disk. Does it imply that it's not safe to keep in Session objects that do not implement "Serializable"? I haven't heard that there are limitations on saving non-serializable objects in Session object. It simply means that Tomcat will always keep them in memory, right?

    Read the article

  • Saving objects in servlet session and java.io.NotSerializableException

    - by EugeneP
    SEVERE: IOException while loading persisted sessions: java.io.WriteAbortedException: writi ng aborted; java.io.NotSerializableException: That means this object cannot be persisted on hard disk. Does it imply that it's not safe to keep in Session objects that do not implement "Serializable"? I haven't heard that there are limitations on saving non-serializable objects in Session object. It simply means that Tomcat will always keep them in memory, right?

    Read the article

  • session problem in rails

    - by piemesons
    I am getting this error. No :secret given to the #protect_from_forgery call. Set that or use a session store capable of generating its own keys (Cookie Session Store). I deleted all the cookies, values from sessions table. Restarted my server.Still geting the same error and this code was working yesterday.

    Read the article

  • Using Session Vars in a MVC Domain Model library

    - by 104286623826380127552
    Hello to all. I have a IQueryable function. In that function, I need to store and retrieve data to Session; can you guys point me in the right direction. I've looked at the HttpSessionStatBase where the session is usually taken from HttpContext.Current but this doesnt seem possible to do in the library. Am I missing something? Thanks in advance.

    Read the article

  • cookieless sessions with ajax

    - by thezver
    ok, i know you get sick from this subject. me too :( I've been developing a quite "big application" with PHP & kohana framework past 2 years, somewhat-successfully using my framework's authentication mechanism. but within this time, and as the app grown, many concerning state-preservation issues arisen. main problems are that cookie-driven sessions: can't be used for web-service access ( at least it's really not nice to do so.. ) in many cases problematic with mobile access don't allow multiple simultaneous apps on same browser ( can be resolved by hard trickery, but still.. ) requires many configurations and mess to work 100% right, and that's without the --browser issues ( disabled cookies, old browsers bugs & vulnerabilities etc ) many other session flaws stated in this old thread : http://lists.nyphp.org/pipermail/talk/2006-December/020358.html After a really long research, and without any good library/on-hand-solution to feet my needs, i came up with a custom solution to majority of those problems . Basically, i'ts about emulating sessions with ajax calls, with additional security/performance measures: state preserved by interchanging SID(+hash) with client on ajax calls. state data saved in memcache(or equivalent), indexed by SID security achieved by: appending unpredictible hash to SID egenerating hash on each request & validating it validating fingerprint of client on each request ( referrer,os,browser etc) (*)condition: ajax calls are not simultaneous, to prevent race-condition with session token. (hopefully Ext-Direct solves that for me) From the first glance that supposed to be not-less-secure than equivalent cookie-driven implementation, and at the same time it's simple, maintainable, and resolves all the cookies flaws.. But i'm really concerned because i often hear the rule "don't try to implement custom security solutions". I will really appreciate any serious feedback about my method, and any alternatives. also, any tip about how to preserve state on page-refresh without cookies would be great :) but thats small technical prob. Sorry if i overlooked some similar post.. there are billions of them about sessions . Big thanks in advance ( and for reading until here ! ).

    Read the article

  • Selenium - Could not start Selenium session: Failed to start new browser session: Error while launching browser

    - by Yatendra Goel
    I am new to Selenium. I generated my first java selenium test case and it has compiled successfully. But when I run that test I got the following RuntimeException java.lang.RuntimeException: Could not start Selenium session: Failed to start new browser session: Error while launching browser at com.thoughtworks.selenium.DefaultSelenium.start <DefaultSelenium.java:88> Kindly tell me how can I fix this error. This is the java file I want to run. import com.thoughtworks.selenium.*; import java.util.regex.Pattern; import junit.framework.*; public class orkut extends SeleneseTestCase { public void setUp() throws Exception { setUp("https://www.google.com/", "*chrome"); } public void testOrkut() throws Exception { selenium.setTimeout("10000"); selenium.open("/accounts/ServiceLogin?service=orkut&hl=en-US&rm=false&continue=http%3A%2F%2Fwww.orkut.com%2FRedirLogin%3Fmsg%3D0&cd=IN&skipvpage=true&sendvemail=false"); selenium.type("Email", "username"); selenium.type("Passwd", "password"); selenium.click("signIn"); selenium.selectFrame("orkutFrame"); selenium.click("link=Communities"); selenium.waitForPageToLoad("10000"); } public static Test suite() { return new TestSuite(orkut.class); } public void tearDown(){ selenium.stop(); } public static void main(String args[]) { junit.textui.TestRunner.run(suite()); } } I first started the selenium server through the command prompt and then execute the above java file through another command prompt. Second Question: Can I do right click on a specified place on a webpage with selenium.

    Read the article

  • Is there a way to manage browser [chrome] session cookies with a fast toggle for multiple users?

    - by ResoluteHiker
    I feel I should go into more detail. My wife and I share a laptop and browse email. Currently we keep coming back to each others gmail accounts, having to log out and log back in. Are there any good extensions or addons that would allow us to toggle back and forth between these? This does not necessarily need to apply to just gmail but include any cookie, session, etc. I'd be willing to use Firefox if such an extension exists on it as well. Much appreciated!

    Read the article

  • IIS: No Session being handed out, but only in production

    - by Wayne
    I've reproduced this in a simple project - details below. It's a WCF service in ASP.NET compatibility mode. What I'm seeing is that when run on the dev machine (Win7), a HTTP session id is available inside the service operation (HttpContext.Current.Session is non-null). But when deployed to the server (Win2k8R2), I get "No session". On both machines the app is configured to use the classic app pool, and the app pools themselves are configured identically as far as I can tell. The only differences I can discern between the two applications is that on the dev box, under "Handler Mappings", ISAPI-dll is disabled (not on the server), and on the server there's a spurious handler called "AboMapperCustom-7105160" (does not exist on the dev box). What should I be looking at next? Am I missing something head-slappingly simple? Service is this: [AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Allowed)] public class Service2 { [OperationContract] public string DoWork() { if (HttpContext.Current != null) { if (HttpContext.Current.Session != null) { return "SessionId: " + HttpContext.Current.Session.SessionID; } else { return "No Session"; } } else { return "No Context"; } } } Config is: <?xml version="1.0" encoding="UTF-8"?> <configuration> <configSections> <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler,log4net, Version=1.2.9.0, Culture=neutral, PublicKeyToken=b32731d11ce58905" /> <sectionGroup name="system.web.extensions" type="System.Web.Configuration.SystemWebExtensionsSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> <sectionGroup name="scripting" type="System.Web.Configuration.ScriptingSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> <section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> <sectionGroup name="webServices" type="System.Web.Configuration.ScriptingWebServicesSectionGroup, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"> <section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="Everywhere" /> <section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> <section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> <section name="roleService" type="System.Web.Configuration.ScriptingRoleServiceSection, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" allowDefinition="MachineToApplication" /> </sectionGroup> </sectionGroup> </sectionGroup> </configSections> <log4net> <appender name="LogFile" type="log4net.Appender.RollingFileAppender"> <file value="C:\Temp\Test.log4net.log" /> <rollingStyle value="Once" /> <maxSizeRollBackups value="10" /> <layout type="log4net.Layout.PatternLayout"> <conversionPattern value="%d{ISO8601} [%5t] %-5p %c{1} %m%n" /> </layout> </appender> <root> <level value="DEBUG" /> <appender-ref ref="LogFile" /> </root> </log4net> <appSettings /> <connectionStrings /> <system.web> <compilation debug="true"> <assemblies> <add assembly="System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" /> <add assembly="System.Data.DataSetExtensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" /> <add assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> <add assembly="System.Xml.Linq, Version=3.5.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" /> </assemblies> </compilation> <!-- The <authentication> section enables configuration of the security authentication mode used by ASP.NET to identify an incoming user. --> <authentication mode="Windows" /> <!-- The <customErrors> section enables configuration of what to do if/when an unhandled error occurs during the execution of a request. Specifically, it enables developers to configure html error pages to be displayed in place of a error stack trace. --> <customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm"> <error statusCode="403" redirect="NoAccess.htm" /> <error statusCode="404" redirect="FileNotFound.htm" /> </customErrors> <pages> <controls> <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> <add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> </controls> </pages> <httpHandlers> <remove verb="*" path="*.asmx" /> <add verb="*" path="*.asmx" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> <add verb="*" path="*_AppService.axd" validate="false" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> <add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false" /> </httpHandlers> <httpModules> <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> </httpModules> </system.web> <system.codedom> <compilers> <compiler language="c#;cs;csharp" extension=".cs" warningLevel="4" type="Microsoft.CSharp.CSharpCodeProvider, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> <providerOption name="CompilerVersion" value="v3.5" /> <providerOption name="WarnAsError" value="false" /> </compiler> </compilers> </system.codedom> <!-- The system.webServer section is required for running ASP.NET AJAX under Internet Information Services 7.0. It is not necessary for previous version of IIS. --> <system.webServer> <validation validateIntegratedModeConfiguration="false" /> <modules> <remove name="ScriptModule" /> <add name="ScriptModule" preCondition="managedHandler" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> </modules> <handlers> <remove name="WebServiceHandlerFactory-Integrated" /> <remove name="ScriptHandlerFactory" /> <remove name="ScriptHandlerFactoryAppServices" /> <remove name="ScriptResource" /> <add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> <add name="ScriptResource" preCondition="integratedMode" verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" /> </handlers> </system.webServer> <runtime> <assemblyBinding appliesTo="v2.0.50727" xmlns="urn:schemas-microsoft-com:asm.v1"> <dependentAssembly> <assemblyIdentity name="System.Web.Extensions" publicKeyToken="31bf3856ad364e35" /> <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0" /> </dependentAssembly> <dependentAssembly> <assemblyIdentity name="System.Web.Extensions.Design" publicKeyToken="31bf3856ad364e35" /> <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="3.5.0.0" /> </dependentAssembly> </assemblyBinding> </runtime> <system.serviceModel> <bindings> <basicHttpBinding> <binding name="BasicHttpBinding_Service2" maxBufferSize="2147483647" maxReceivedMessageSize="2147483647"> <security mode="TransportCredentialOnly"> <transport clientCredentialType="Windows" /> </security> </binding> </basicHttpBinding> </bindings> <serviceHostingEnvironment aspNetCompatibilityEnabled="true" /> <behaviors> <serviceBehaviors> <behavior name="WebApplication3.Service2Behavior"> <serviceMetadata httpGetEnabled="true" /> <serviceDebug includeExceptionDetailInFaults="false" /> </behavior> </serviceBehaviors> </behaviors> <services> <service behaviorConfiguration="WebApplication3.Service2Behavior" name="WebApplication3.Service2"> <endpoint address="" binding="basicHttpBinding" bindingConfiguration="BasicHttpBinding_Service2" contract="WebApplication3.Service2" /> </service> </services> </system.serviceModel> <system.diagnostics> <sources> <source name="System.ServiceModel" switchValue="Information, ActivityTracing" propagateActivity="true"> <listeners> <add name="traceListener" type="System.Diagnostics.XmlWriterTraceListener" initializeData="c:\Temp\Test2.svclog" /> </listeners> </source> </sources> <trace autoflush="true" indentsize="4"> <listeners> <add name="traceListener2" type="System.Diagnostics.TextWriterTraceListener" initializeData="c:\Temp\Test.log" traceOutputOptions="DateTime" /> </listeners> </trace> </system.diagnostics> </configuration> Testing with a simple console app: class Program { static void Main(string[] args) { ServiceReference1.Service2Client client = new ServiceReference1.Service2Client(); Console.WriteLine(client.DoWork()); Console.ReadKey(); } }

    Read the article

  • Losing Session between Classic ASP and ASP.NET

    - by Aaron
    The company that I work for is making a transition between classic ASP programs and ASP.NET programs for our intranet software. Eventually, everything will be written in ASP.NET, but because of time constraints, there are still a number of programs that use classic ASP. To compensate we've written features that allow for redirects and autologins between classic ASP programs and ASP.NET programs. I've been starting to see a problem, though, with holding the session state for our ASP.NET software. If a user uses an ASP.NET program, then does work in a classic ASP program, then goes back to that ASP.NET program, often times, the user's authentication for the ASP.NET program is still in place, yet the user's session is lost, resulting in an error whenever a function is performed within the program. I'm trying to capture the loss of the session state in global.asax's Session_End event, which would redirect the user to the login page, but that hasn't worked. Has anyone else faced a similar issue with users moving back and forth between classic ASP and ASP.NET and losing sessions? Is that even my real issue here? It's the only thing that I can see as being a problem. Thanks for any help.

    Read the article

  • Sharing session variables from http and https versio

    - by tangurena
    I am trying to fix an ASP.NET site that a friend had botched converting from older technologies. To the user, the site appears to have public and secured sections. Behind the scenes, the public and private sites are separate web applications with separate app pools. The difficulty arises because it appears that the applications share the same session IDs (when going from the public to the secured pages, the session ID remains the same), yet none of the (InProc) session variables are getting passed from the public site to the private one. Basically, the workflow consists of the user checking a checkbox ("I agree" type of stuff) on the public site (let's call that page http://www.boring.gov/iAgree.aspx), then logging in on the secured site (let's call that page https://www.boring.gov/login.aspx). The commandments from the parent agency in DC are that the user may not bookmark the login page, the user has to click "I agree" every time they log in, and that the "I agree" stuff has to be on a separate page. What am I missing? How would you do it? Notes: 1 - This is getting hosted on a single Windows 2003 server. 2 - Yes, it is a government agency. 3 - I would have done things very differently if I was doing the conversion, but I wasn't brought in until the poop hit the fan, and it is too late to redo things. 4 - Two previous SO threads that appear to be related, yet don't apply are this and that

    Read the article

  • Using ASP.NET session state with Silverlight (PRISM)

    - by Jon Andersen
    Hi, The scenario: I have a PRISM application developed in Silverlight (4), and I'm using a ASP.NET server side application to host several web-services (which, in turn, accesses WCF-services, but that's not really important here). The Silverlight application must be able to call the web services cross-domain (meaning that the web services isn't necessarily on the same server hosting the silverlight application). The Silverlight application consists of several modules, each accessing the ASP.NET web-services. I do not have much experience with Silverlight and PRISM, but as far as I can see, this is not a very unusual scenario... The problem: My challange is, that when 2 different modules access the web-services, I get 2 new sessions on the web-server. I would have thought that since both modules live on the same HTML-page (and then also in the same browser session), they would get the same session on the web-server...? I have tried to make the web-service Proxy-client globally available in the container (using Unity), by registering an instance (using Container.RegisterInstance), and then getting this instance whenever a module needs to make a web-service call (using Container.Resolve), but this doesn't seem to help. However, any calls made within the same module always gets the same session on the server. Can anyone see what I'm missing here...? Thanks! Jon

    Read the article

  • zend session exception on zend_session::start with forms

    - by Grant Collins
    Hi I'm having issues with trying to use Zend_Form_SubForm and sessions. My controller is in essance acting a wizard showing different subforms depending on the stage of the wizard. Using the example I am planning on storing the forms in a session namespace. My controller looks like this. include 'mylib/Form/addTaskWizardForm.php'; class AddtaskController extends Zend_Controller_Action{ private $config = null; private $log = null; private $subFormSession = null; /** * This function is called and initialises the global variables to this object * which is the configuration details and the logger to write to the log file. */ public function init(){ $this->config = Zend_Registry::getInstance()->get('config'); $this->log = Zend_Registry::getInstance()->get('log'); //set layout $this->_helper->layout->setLayout('no-sidemenus'); //we need to get the subforms and $wizardForms = new addTaskWizardForm(); $this->subFormSession = new Zend_Session_Namespace('addTaskWizardForms'); if(!isset($this->subFormSession->subforms)){ $this->subFormSession->subforms = $wizardForms; } } /** * The Landing page controller for the site. */ public function indexAction(){ $form = $this->subFormSession->subforms->getSubForm('start'); $this->view->form = $form; } However this is causing the application session to crash out with Uncaught exception 'Zend_Session_Exception' with message 'Zend_Session::start() Any idea why this is having issues with the Zend Session?? thanks.

    Read the article

  • Simple App Engine Sessions Implementation

    - by raz0r
    Here is a very basic class for handling sessions on App Engine: """Lightweight implementation of cookie-based sessions for Google App Engine. Classes: Session """ import os import random import Cookie from google.appengine.api import memcache _COOKIE_NAME = 'app-sid' _COOKIE_PATH = '/' _SESSION_EXPIRE_TIME = 180 * 60 class Session(object): """Cookie-based session implementation using Memcached.""" def __init__(self): self.sid = None self.key = None self.session = None cookie_str = os.environ.get('HTTP_COOKIE', '') self.cookie = Cookie.SimpleCookie() self.cookie.load(cookie_str) if self.cookie.get(_COOKIE_NAME): self.sid = self.cookie[_COOKIE_NAME].value self.key = 'session-' + self.sid self.session = memcache.get(self.key) if self.session: self._update_memcache() else: self.sid = str(random.random())[5:] + str(random.random())[5:] self.key = 'session-' + self.sid self.session = dict() memcache.add(self.key, self.session, _SESSION_EXPIRE_TIME) self.cookie[_COOKIE_NAME] = self.sid self.cookie[_COOKIE_NAME]['path'] = _COOKIE_PATH print self.cookie def __len__(self): return len(self.session) def __getitem__(self, key): if key in self.session: return self.session[key] raise KeyError(str(key)) def __setitem__(self, key, value): self.session[key] = value self._update_memcache() def __delitem__(self, key): if key in self.session: del self.session[key] self._update_memcache() return None raise KeyError(str(key)) def __contains__(self, item): try: i = self.__getitem__(item) except KeyError: return False return True def _update_memcache(self): memcache.replace(self.key, self.session, _SESSION_EXPIRE_TIME) I would like some advices on how to improve the code for better security. Note: In the production version it will also save a copy of the session in the datastore. Note': I know there are much more complete implementations available online though I would like to learn more about this subject so please don't answer the question with "use that" or "use the other" library.

    Read the article

  • Reading All Users Session

    - by imran_ku07
      Introduction :            InProc Session is the widely used state management. Storing the session state Inproc is also the fastest method and is well-suited to small amounts of volatile data. Reading and writing current user Session is very easy. But some times we need to read all users session before taking a decision or sometimes we may need to check which users are currently active with the help of Session. But unfortunately there is no class in .Net Framework (i don't found myself) to read all user InProc Session Data. In this article i will use reflection to read all user Inproc Session.   Description :              This code will work equally in both MVC and webform, but for demonstration i will use a simple webform example. So let's create a simple Website and Add two aspx pages, Default.aspx and Default2.aspx. In Default.aspx just add a link to navigate to Default2.aspx and in Default.aspx.cs just add a Session. Default.aspx: <%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs" Inherits="Default" %><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html ><head runat="server">    <title>Untitled Page</title></head><body>    <form id="form1" runat="server">    <div>        <a href="Default2.aspx">Click to navigate to next page</a>    </div>    </form></body></html>  Default.aspx.cs:  using System;using System.Data;using System.Configuration;using System.Collections;using System.Web;using System.Web.Security;using System.Web.UI;using System.Web.UI.WebControls;using System.Web.UI.WebControls.WebParts;using System.Web.UI.HtmlControls;public partial class Default : System.Web.UI.Page{    protected void Page_Load(object sender, EventArgs e)    {        Session["User"] = "User" + DateTime.Now;    }} Now when every user click this link will navigate to Default2.aspx where all the magic appears.Default2.aspx.cs: using System;using System.Data;using System.Configuration;using System.Collections;using System.Web;using System.Web.Security;using System.Web.UI;using System.Web.UI.WebControls;using System.Web.UI.WebControls.WebParts;using System.Web.UI.HtmlControls;using System.Reflection;using System.Web.SessionState;public partial class Default2 : System.Web.UI.Page{    protected void Page_Load(object sender, EventArgs e)    {        object obj = typeof(HttpRuntime).GetProperty("CacheInternal", BindingFlags.NonPublic | BindingFlags.Static).GetValue(null, null);        Hashtable c2 = (Hashtable)obj.GetType().GetField("_entries", BindingFlags.NonPublic | BindingFlags.Instance).GetValue(obj);        foreach (DictionaryEntry entry in c2)        {            object o1 = entry.Value.GetType().GetProperty("Value", BindingFlags.NonPublic | BindingFlags.Instance).GetValue(entry.Value, null);            if (o1.GetType().ToString() == "System.Web.SessionState.InProcSessionState")            {                SessionStateItemCollection sess = (SessionStateItemCollection)o1.GetType().GetField("_sessionItems", BindingFlags.NonPublic | BindingFlags.Instance).GetValue(o1);                if (sess != null)                {                    if (sess["User"] != null)                    {                        Label1.Text += sess["User"] + " is Active.<br>";                    }                }            }        }    }}            Now just open more than one browsers or more than one browser instance and then navigate to Default.aspx and click the link, you will see all the user's Session data.    How this works :        InProc session data is stored in the HttpRuntime’s internal cache in an implementation of ISessionStateItemCollection that implements ICollection. In this code, first of all i got CacheInternal Static Property of HttpRuntime class and then with the help of this object i got _entries private member which is of type ICollection. Then simply enumerate this dictionary and only take object of type System.Web.SessionState.InProcSessionState and finaly got SessionStateItemCollection for each user.Summary :        In this article, I shows you how you can get all current user Sessions. However one thing you will find when executing this code is that it will not show the current user Session which is set in the current request context because Session will be saved after all the Page Events.

    Read the article

< Previous Page | 19 20 21 22 23 24 25 26 27 28 29 30  | Next Page >